﻿Imports System.Data.SqlClient

Public Class cn_password_edit
    Inherits System.Web.UI.Page
    Dim code, email As String
    Dim exp As Date
    Dim sSQL As String = ""
    Dim strErr As String = ""
    Dim objfind As New GetData
    Dim objrd As SqlDataReader = Nothing
    Dim ps As New PreparedStatement(sSQL)
    Dim sh As New SHA1

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        code = Request("code")
        email = Request("email")
        ps.addParameter("email", email)
        If Request("btnUpdate") <> Nothing And Request("btnUpdate") <> "" Then
            Exit Sub
        End If

        sSQL = "select check_code,check_code_exp  from  member where email=@email"

        ps.strSql = sSQL
        Dim conn As SqlConnection = objfind.getConn()

        objrd = objfind.dr(ps, strErr, conn, objrd)
        If objrd.Read() Then
            If sh.mySHA(email & objrd("check_code").ToString) <> code Then
                Response.Redirect("cn_passwordfailed.aspx")
                objfind.closeConn(conn)

                Exit Sub
            ElseIf Date.Compare(Now(), objrd("check_code_exp")) > 0 Then
                Response.Redirect("cn_passwordfailed.aspx")
            End If
        Else
            Response.Redirect("cn_passwordfailed.aspx")
        End If
        objfind.closeConn(conn)

    End Sub

    Private Sub btnUpDate_Click(sender As Object, e As System.EventArgs) Handles btnUpDate.Click
        Dim strPwd1, strPwd2 As String
        Dim Msg As String = ""
        strPwd1 = pwd1.Text
        strPwd2 = pwd2.Text
        If strPwd1 = "" Then
            Msg = "请输入新密码"
        ElseIf (strPwd1 <> strPwd2) Then
            Msg = "两次密码不一致"
        End If
        If Msg <> "" Then
            result.InnerHtml = ""
            result.InnerHtml = "<center><b><font color=""#FF0000"">错误！</font></b><p>" & Msg & "</p></center>"
            Exit Sub
        End If
        ps.strSql = "update member set password=@password where email=@email"
        ps.addParameter("password", sh.mySHA(strPwd1))
        objfind.es(ps, strErr)
        If strErr = Nothing Or strErr = "" Then
            result.InnerHtml = ""
            result.InnerHtml = "<center><b><font color=""#FF0000""> 密码修改成功！</font></b></center>"
        Else
            result.InnerHtml = ""
            result.InnerHtml = "<center><b><font color=""#FF0000"">错误！</font></b><p>" & strErr & "</p></center>"
        End If
    End Sub

    Private Sub btnCancel_Click(sender As Object, e As System.EventArgs) Handles btnCancel.Click
        Response.Redirect("cn_index.aspx")
    End Sub
End Class